LICENSE 0100644 0000764 0001001 00000002637 07467432274 012405 0 ustar Administrator None Shicks! Mailserver
Copyright (c) 2002, Gerson Kurz
All rights reserved.
Redistribution and use in source and binary forms, with or
without modification, are permitted provided that the
following conditions are met:
Redistributions of source code must retain the above copyright
notice, this list of conditions and the following disclaimer.
Redistributions in binary form must reproduce the above
copyright notice, this list of conditions and the following
disclaimer in the documentation and/or other materials
provided with the distribution. The name Gerson Kurz may not
be used to endorse or promote products derived from this
software without specific prior written permission. THIS
SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
"AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT
NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND
FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT
SHALL THE COPYRIGHT OWNER OR CONTRIBUTORS BE LIABLE FOR ANY
DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO,
PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND
ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY,
OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
POSSIBILITY OF SUCH DAMAGE.
POP3Server.py 0100755 0000764 0001001 00000067603 07470657376 013677 0 ustar Administrator None #! /usr/bin/python
#
# POP3Server.py 0.9
#
# Copyright (C) 2001,2002 Gerson Kurz (not@p-nand-q.com)
# BSD-Licensed. This is free software, enjoy!
"""SHICKS! POP3 Server for Python
This server implements a RFC 1725 compliant POP3 server with a MySQL-based
mailbox storage. The RFC can be found online at
http://www.ietf.org/rfc/rfc1725.txt
The comments for the commands below are taken from that document. The
database format is discussed in README.HTM. This module is designed to
be reusable in other python projects.
"""
import sys, socket, SocketServer, os, time, ShicksTrace
import socket, md5, rotor, binascii, traceback, thread
CURRENT_VERSION = "0.9"
import ShicksUser # user management
import ShicksMessageList # message database
from ShicksConfig import GetConfigSettings
from POP3StatusMessages import status_msgs
# If this flag is set, deleted messages will be removed from the database, and physically
# deleted from the disk
PHYSICALLY_DELETE_MAILS = int(GetConfigSettings("PhysicallyDeleteMails","0"))
class POP3Server(SocketServer.TCPServer):
allow_reuse_address = 1
def server_bind(self):
"""Override server_bind to store the server name."""
SocketServer.TCPServer.server_bind(self)
host, port = self.socket.getsockname()
self.server_name = socket.getfqdn(host)
self.server_port = port
class POP3RequestHandler(SocketServer.ThreadingMixIn, SocketServer.StreamRequestHandler):
def SendMappedResponse(self,msg,args=None):
msg = self.status_messages[msg]
if args is not None:
msg = msg % args
print "WRITE:" + msg.strip()
self.wfile.write(msg)
self.wfile.flush()
def SendResponse(self,msg,displaymsg=1):
if displaymsg:
print "WRITE:" + msg.strip()
else:
print "(Transmitting mail body)"
self.wfile.write(msg)
self.wfile.flush()
def handle(self):
# POP3 mailbox state variables
self.user = None
self.transaction_state = 0
self.messagelist = None
self.terminated = 0
self.status_messages = status_msgs
# supported commands: all required and optional commands as mentioned in said RFC
cmdmap = { 'QUIT' : self.QuitConnection,
'USER' : self.SetUserName,
'PASS' : self.SetUserPassword,
'LIST' : self.ListMessages,
'UIDL' : self.GetUniqueIDList,
'DELE' : self.OnDeleteMessage,
'STAT' : self.GetStatistics,
'RSET' : self.ResetDeletedMessageIDs,
'RETR' : self.OnRetrieveMessage,
'APOP' : self.Md5SecureLogon,
'TOP' : self.GetMessageTopLines }
print "BEGIN of POP3 conversation with " + str(self.client_address)
self.secret = "" % (os.getpid(),thread.get_ident(),str(time.clock()),socket.gethostname(),str(id(self)))
self.SendMappedResponse('OK_GREETING', (CURRENT_VERSION, self.secret))
while not self.terminated:
self.inputline = self.rfile.readline().strip()
if self.inputline[:5].upper() in ('PASS:','PASS '):
print "READ: PASS: *******"
else:
print "READ:" + self.inputline.strip()
request = self.inputline.split()
if len(request):
request[0] = request[0].upper()
if cmdmap.has_key(request[0]):
cmdmap[request[0]](request)
else:
self.SendMappedResponse('ERR_CMD_UNKNOWN')
else:
break
print "END of POP3 conversation with " + str(self.client_address)
def SetUserName(self,request):
"""USER name
Arguments:
a string identifying a mailbox (required), which is of
significance ONLY to the server
Restrictions:
may only be given in the AUTHORIZATION state after the POP3
greeting or after an unsuccessful USER or PASS command
Possible Responses:
+OK name is a valid mailbox
-ERR never heard of mailbox name
Examples:
C: USER mrose
S: +OK mrose is a real hoopy frood
...
C: USER frated
S: -ERR sorry, no mailbox for frated here"""
if self.transaction_state:
return self.SendMappedResponse('ERR_INVALID_STATE')
self.user = ShicksUser.GetUserByName(request[1])
if self.user:
self.SendMappedResponse('OK_USER',request[1])
else:
self.SendMappedResponse('ERR_NOT_USER')
def SetUserPassword(self,request):
"""PASS string
Arguments:
a server/mailbox-specific password (required)
Restrictions:
may only be given in the AUTHORIZATION state after a
successful USER command
Discussion:
Since the PASS command has exactly one argument, a POP3
server may treat spaces in the argument as part of the
password, instead of as argument separators.
Possible Responses:
+OK maildrop locked and ready
-ERR invalid password
-ERR unable to lock maildrop
Examples:
C: USER mrose
S: +OK mrose is a real hoopy frood
C: PASS secret
S: +OK mrose's maildrop has 2 messages (320 octets)
...
C: USER mrose
S: +OK mrose is a real hoopy frood
C: PASS secret
S: -ERR maildrop already locked"""
if self.transaction_state:
return self.SendMappedResponse('ERR_INVALID_STATE')
if self.user is None:
return self.SendMappedResponse('LOGIN_REQUIRED')
pwd = ""
if len(request) > 1:
pwd = self.inputline[5:]
if pwd == self.user.getPassword():
self.GetMessagesForUserID()
print "Have %d message(s) in mailbox..." % len(self.messagelist)
self.SendMappedResponse('OK_LOGIN')
self.transaction_state = 1
else:
print "ERROR, invalid password!"
self.SendMappedResponse('ERR_LOGIN_MISMATCH')
def ListMessages(self,request):
"""LIST [msg]
Arguments:
a message-number (optional), which, if present, may NOT
refer to a message marked as deleted
Restrictions:
may only be given in the TRANSACTION state
Discussion:
If an argument was given and the POP3 server issues a
positive response with a line containing information for
that message. This line is called a "scan listing" for
that message.
If no argument was given and the POP3 server issues a
positive response, then the response given is multi-line.
After the initial +OK, for each message in the maildrop,
the POP3 server responds with a line containing information
for that message. This line is also called a "scan
listing" for that message.
In order to simplify parsing, all POP3 servers are required
to use a certain format for scan listings. A scan listing
consists of the message-number of the message, followed by
a single space and the exact size of the message in octets.
This memo makes no requirement on what follows the message
size in the scan listing. Minimal implementations should
just end that line of the response with a CRLF pair.
Note that messages marked as deleted are not listed.
Possible Responses:
+OK scan listing follows
-ERR no such message
Examples:
C: LIST
S: +OK 2 messages (320 octets)
S: 1 120
S: 2 200
S: .
...
C: LIST 2
S: +OK 2 200
...
C: LIST 3
S: -ERR no such message, only 2 messages in maildrop"""
if not self.transaction_state:
return self.SendMappedResponse('ERR_INVALID_STATE')
# handle optional message-id parameter
messageid = None
if len(request) > 1:
try:
messageid = int(request[1])
except:
print "Warning, LIST without proper request ID: " + str(request)
messageid = -1
if not messageid:
usedbytes = 0
response = ""
index = 0
for message in self.messagelist:
index += 1
# skip deleted messages
if message.getDeleted():
continue
response += "%d %d\r\n" % (index,message.getMessageSize())
usedbytes += message.getMessageSize()
response = "+OK %d %d\r\n" % (len(self.messagelist),usedbytes)+response+".\r\n"
else:
response = None
index = 0
for message in self.messagelist:
index += 1
if messageid == index:
response = "+OK %d %d\r\n" % (index,message.getMessageSize())
break
if not response:
return self.SendMappedResponse('ERR_MSG_UNKNOWN')
self.SendResponse(response)
def GetUniqueIDList(self,request):
"""UIDL [msg]
Arguments:
a message-number (optionally) If a message-number is given,
it may NOT refer to a message marked as deleted.
Restrictions:
may only be given in the TRANSACTION state.
Discussion:
If an argument was given and the POP3 server issues a positive
response with a line containing information for that message.
This line is called a "unique-id listing" for that message.
If no argument was given and the POP3 server issues a positive
response, then the response given is multi-line. After the
initial +OK, for each message in the maildrop, the POP3 server
responds with a line containing information for that message.
This line is called a "unique-id listing" for that message.
In order to simplify parsing, all POP3 servers are required to
use a certain format for unique-id listings. A unique-id
listing consists of the message-number of the message,
followed by a single space and the unique-id of the message.
No information follows the unique-id in the unique-id listing.
The unique-id of a message is an arbitrary server-determined
string, consisting of characters in the range 0x21 to 0x7E,
which uniquely identifies a message within a maildrop and
which persists across sessions. The server should never reuse
an unique-id in a given maildrop, for as long as the entity
using the unique-id exists.
Note that messages marked as deleted are not listed.
Possible Responses:
+OK unique-id listing follows
-ERR no such message
Examples:
C: UIDL
S: +OK
S: 1 whqtswO00WBw418f9t5JxYwZ
S: 2 QhdPYR:00WBw1Ph7x7
S: .
...
C: UIDL 2
S: +OK 2 QhdPYR:00WBw1Ph7x7
...
C: UIDL 3
S: -ERR no such message, only 2 messages in maildrop"""
if not self.transaction_state:
return self.SendMappedResponse('ERR_INVALID_STATE')
# handle optional message-id parameter
messageid = None
if len(request) > 1:
try:
messageid = int(request[1])
except:
print "Warning, UIDL without proper request ID: " + str(request)
messageid = -1
# create response
if messageid is None:
response = "+OK\r\n"
index = 0
for message in self.messagelist:
index += 1
# skip deleted messages
if message.getDeleted():
continue
response += "%d shicks%d.%s.%d\r\n" % (index,os.getpid(),str(time.clock()),message.getId())
response += ".\r\n"
else:
response = None
index = 0
for message in self.messagelist:
index += 1
if messageid == index:
response = "+OK %d shicks%d.%s.%d\r\n" % (index,os.getpid(),str(time.clock()),messag.getId())
break
if not response:
return self.SendMappedResponse('ERR_MSG_UNKNOWN')
self.SendResponse(response)
def OnRetrieveMessage(self,request):
"""RETR msg
Arguments:
a message-number (required) which may not refer to a
message marked as deleted
Restrictions:
may only be given in the TRANSACTION state
Discussion:
If the POP3 server issues a positive response, then the
response given is multi-line. After the initial +OK, the
POP3 server sends the message corresponding to the given
message-number, being careful to byte-stuff the termination
character (as with all multi-line responses).
Possible Responses:
+OK message follows
-ERR no such message
Examples:
C: RETR 1
S: +OK 120 octets
S:
S: ."""
if not self.transaction_state:
return self.SendMappedResponse('ERR_INVALID_STATE')
try:
messageid = int(request[1])
except:
print "Warning, RETR without proper request ID:", request
messageid = -1
body = self.GetEnvelopedMessageBody(messageid)
if body is None:
self.SendMappedResponse('ERR_MSG_UNKNOWN')
else:
self.SendResponse("+OK message follows\r\n"+body+"\r\n.\r\n",0)
def OnDeleteMessage(self,request):
"""DELE msg
Arguments:
a message-number (required) which may not refer to a
message marked as deleted
Restrictions:
may only be given in the TRANSACTION state
Discussion:
The POP3 server marks the message as deleted. Any future
reference to the message-number associated with the message
in a POP3 command generates an error. The POP3 server does
not actually delete the message until the POP3 session enters
the UPDATE state.
Possible Responses:
+OK message deleted
-ERR no such message
Examples:
C: DELE 1
S: +OK message 1 deleted
...
C: DELE 2
S: -ERR message 2 already deleted"""
if not self.transaction_state:
return self.SendMappedResponse('ERR_INVALID_STATE')
try:
messageid = int(request[1])
except:
return self.SendMappedResponse('ERR_MSG_UNKNOWN')
if messageid >= 1 and messageid <= len(self.messagelist):
messageid -= 1
# mark message as deleted
self.messagelist[messageid].setDeleted(1)
return self.SendMappedResponse('OK_DELETE')
self.SendMappedResponse('ERR_MSG_UNKNOWN')
def GetStatistics(self,request):
"""STAT
Arguments: none
Restrictions:
may only be given in the TRANSACTION state
Discussion:
The POP3 server issues a positive response with a line
containing information for the maildrop. This line is
called a "drop listing" for that maildrop.
In order to simplify parsing, all POP3 servers required to
use a certain format for drop listings. The positive
response consists of "+OK" followed by a single space, the
number of messages in the maildrop, a single space, and the
size of the maildrop in octets. This memo makes no
requirement on what follows the maildrop size. Minimal
implementations should just end that line of the response
with a CRLF pair. More advanced implementations may
include other information.
Note that messages marked as deleted are not counted in
either total.
Possible Responses:
+OK nn mm
Examples:
C: STAT
S: +OK 2 320"""
if not self.transaction_state:
return self.SendMappedResponse('ERR_INVALID_STATE')
usedbytes = 0
response = ""
for message in self.messagelist:
# skip deleted messages
if message.getDeleted():
continue
usedbytes += message.getMessageSize()
self.SendMappedResponse('OK_SINGLE_LIST',(len(self.messagelist),usedbytes))
def ResetDeletedMessageIDs(self,request):
"""RSET
Arguments: none
Restrictions:
may only be given in the TRANSACTION state
Discussion:
If any messages have been marked as deleted by the POP3
server, they are unmarked. The POP3 server then replies
with a positive response.
Possible Responses:
+OK
Examples:
C: RSET
S: +OK maildrop has 2 messages (320 octets)"""
if not self.transaction_state:
return self.SendMapppedResponse('ERR_INVALID_STATE')
for i in xrange(len(self.messagelist)):
# mark all messages as not-deleted
self.messagelist[i].setDeleted(0)
self.SendMappedResponse('OK_RSET')
def GetMessageTopLines(self,request):
"""TOP msg n
Arguments:
a message-number (required) which may NOT refer to to a
message marked as deleted, and a non-negative number
(required)
Restrictions:
may only be given in the TRANSACTION state
Discussion:
If the POP3 server issues a positive response, then the
response given is multi-line. After the initial +OK, the
POP3 server sends the headers of the message, the blank
line separating the headers from the body, and then the
number of lines indicated message's body, being careful to
byte-stuff the termination character (as with all multi-
line responses).
Note that if the number of lines requested by the POP3
client is greater than than the number of lines in the
body, then the POP3 server sends the entire message.
Possible Responses:
+OK top of message follows
-ERR no such message
Examples:
C: TOP 1 10
S: +OK
S:
S: .
...
C: TOP 100 3
S: -ERR no such message"""
if not self.transaction_state:
return self.SendMappedResponse('ERR_INVALID_STATE')
if len(request) != 3:
return self.SendMappedResponse('ERR_INVALID_SYNTAX')
try:
messageid = int(request[1])
except:
print "Warning, TOP without proper request ID:", request
messageid = -1
try:
nroflines = int(request[2])
except:
print "Warning, TOP without proper request ID:", request
nroflines = 0
body = self.GetEnvelopedMessageBody(messageid)
print "read body", len(body)
if body is not None:
lines = body.split("\r\n")
found, isHeader, line = -1, 1, 0
while line < len(lines):
if isHeader:
# skip header lines. Header lines have a :
if lines[line].find(':') == 0:
isHeader = 0
else:
found += 1
if found == nroflines:
lines = lines[:line]
body = "\r\n".join(lines)
break
line += 1
self.SendResponse("+OK\r\n"+body+"\r\n.\r\n")
else:
self.SendMappedResponse('ERR_MSG_UNKNOWN')
def QuitConnection(self,request):
"""QUIT
Arguments: none
Restrictions: none
Discussion:
The POP3 server removes all messages marked as deleted from
the maildrop. It then releases any exclusive-access lock
on the maildrop and replies as to the status of these
operations. The TCP connection is then closed.
Possible Responses:
+OK
Examples:
C: QUIT
S: +OK dewey POP3 server signing off (maildrop empty)
...
C: QUIT
S: +OK dewey POP3 server signing off (2 messages left)
..."""
self.terminated = 1
self.SendMappedResponse('OK_QUIT')
ids = []
for message in self.messagelist:
if message.getDeleted():
ids.append(message.getId())
if len(ids):
ShicksMessageList.DeleteMessageBodies(ids,PHYSICALLY_DELETE_MAILS)
def Md5SecureLogon(self,request):
"""APOP name digest
Arguments:
a string identifying a mailbox and a MD5 digest string
(both required)
Restrictions:
may only be given in the AUTHORIZATION state after the POP3
greeting
Discussion:
Normally, each POP3 session starts with a USER/PASS
exchange. This results in a server/user-id specific
password being sent in the clear on the network. For
intermittent use of POP3, this may not introduce a sizable
risk. However, many POP3 client implementations connect to
the POP3 server on a regular basis -- to check for new
mail. Further the interval of session initiation may be on
the order of five minutes. Hence, the risk of password
capture is greatly enhanced.
An alternate method of authentication is required which
provides for both origin authentication and replay
protection, but which does not involve sending a password
in the clear over the network. The APOP command provides
this functionality.
A POP3 server which implements the APOP command will
include a timestamp in its banner greeting. The syntax of
the timestamp corresponds to the `msg-id' in [RFC822], and
MUST be different each time the POP3 server issues a banner
greeting. For example, on a UNIX implementation in which a
separate UNIX process is used for each instance of a POP3
server, the syntax of the timestamp might be:
where `process-ID' is the decimal value of the process's
PID, clock is the decimal value of the system clock, and
hostname is the fully-qualified domain-name corresponding
to the host where the POP3 server is running.
The POP3 client makes note of this timestamp, and then
issues the APOP command. The `name' parameter has
identical semantics to the `name' parameter of the USER
command. The `digest' parameter is calculated by applying
the MD5 algorithm [RFC1321] to a string consisting of the
timestamp (including angle-brackets) followed by a shared
secret. This shared secret is a string known only to the
POP3 client and server. Great care should be taken to
prevent unauthorized disclosure of the secret, as knowledge
of the secret will allow any entity to successfully
masquerade as the named user. The `digest' parameter
itself is a 16-octet value which is sent in hexadecimal
format, using lower-case ASCII characters.
When the POP3 server receives the APOP command, it verifies
the digest provided. If the digest is correct, the POP3
server issues a positive response, and the POP3 session
enters the TRANSACTION state. Otherwise, a negative
response is issued and the POP3 session remains in the
AUTHORIZATION state.
Note that as the length of the shared secret increases, so
does the difficulty of deriving it. As such, shared
secrets should be long strings (considerably longer than
the 8-character example shown below).
Possible Responses:
+OK maildrop locked and ready
-ERR permission denied
Examples:
S: +OK POP3 server ready <1896.697170952@dbc.mtview.ca.us>
C: APOP mrose c4c9334bac560ecc979e58001b3e22fb
S: +OK maildrop has 1 message (369 octets)
In this example, the shared secret is the string `tan-
staaf'. Hence, the MD5 algorithm is applied to the string
<1896.697170952@dbc.mtview.ca.us>tanstaaf
which produces a digest value of
c4c9334bac560ecc979e58001b3e22fb"""
if self.transaction_state:
return self.SendMappedResponse('ERR_INVALID_STATE')
if len(request) != 3:
return self.SendMappedResponse('ERR_INVALID_SYNTAX')
self.user = ShicksUser.GetUserByName(request[1])
if not self.user:
return self.SendMappedResponse('ERR_NOT_USER')
expected = md5.new(self.secret + self.user.getPassword()).hexdigest()
if expected != request[2]:
print "ERROR, invalid password: expected",expected,"but got",request[2]
return self.SendMappedResponse('ERR_LOGIN_MISMATCH')
self.GetMessagesForUserID()
print "Have %d message(s) in mailbox..." % len(self.messagelist)
self.SendMappedResponse('OK_APOP')
self.transaction_state = 1
def GetMessagesForUserID(self):
self.messagelist = ShicksMessageList.GetUnreadMessagesForUserID(self.user.getId())
def GetEnvelopedMessageBody(self,messageid):
if messageid >= 1 and messageid <= len(self.messagelist):
message = self.messagelist[messageid-1]
else:
print "ERROR, invalid message id", messageid, "only have", len(self.messagelist), "messages"
return None
body = message.getFilename()
if body:
result = None
try:
file = open(body,"rb")
result = file.read()
file.close()
except:
traceback.print_exc()
return result
def StartPOP3Server():
server = POP3Server(('', 110), POP3RequestHandler)
print "POP3 server starting - Version %s on %s" % (CURRENT_VERSION,socket.gethostname())
server.serve_forever()
print "POP3 server returned"
if __name__ == '__main__':
TRACE_DIRECTORY = GetConfigSettings("Logfiles",(os.name == "nt") and "c:\\shicks\\log" or "/usr/share/shicks/log")
try:
os.makedirs(TRACE_DIRECTORY )
except:
pass
ShicksTrace.TraceFileName = os.path.join(TRACE_DIRECTORY,"POP3Server.log")
ShicksTrace.Enable()
StartPOP3Server()
POP3StatusMessages.py 0100755 0000764 0001001 00000003360 07470657445 015367 0 ustar Administrator None #! /usr/bin/python
#
# SMTPServer.py 0.9
#
# Copyright (C) 2001,2002 Gerson Kurz (not@p-nand-q.com)
# BSD-Licensed. This is free software, enjoy!
status_msgs = {
'OK_GENERAL' : '+OK\r\n',
'OK_GREETING' : '+OK Shicks! POP3 Service %s ready %s\r\n',
'OK_LOGIN' : '+OK login successful\r\n',
'OK_USER' : '+OK %s is a valid mailbox\r\n',
'OK_QUIT' : '+OK Connection is closing.\r\n',
'OK_SINGLE_LIST' : '+OK %d %d\r\n',
'OK_MSG_LIST' : '+OK %i message (%i octets)\r\n',
'OK_DELETE' : '+OK The message was successfully deleted\r\n',
'OK_RETR' : '+OK message follows (%i octets)\r\n',
'OK_RSET' : '+OK Resetting all messages done\r\n',
'OK_STAT' : '+OK %i %i\r\n',
'OK_TOP' : '+OK top %i lines of message follows\r\n',
'OK_APOP' : '+OK maildrop locked and ready\r\n',
'OK_SINGLE_UIDL' : '+OK %i %s\r\n',
'OK_MSG_UIDL' : '+OK Unique message id list follows\r\n',
'OK_CAPA' : '+OK Capability list follows\r\n',
'ERR_CMD_UNKNOWN' : '-ERR unknown command\r\n',
'ERR_MSG_UNKNOWN' : '-ERR unknown or invalid message id\r\n',
'ERR_INV_STATE' : '-ERR Invalid transaction state\r\n',
'ERR_NO_USER' : '-ERR No user was yet specified\r\n',
'ERR_NOT_USER' : '-ERR never heard of mailbox name\r\n',
'ERR_LOGIN_MISMATCH' : '-ERR username and password did not match\r\n',
'ERR_INVALID_SYNTAX' : '-ERR Invalid syntax for this command\r\n',
'CMD_UNKNOWN' : '-ERR %s command unknown\r\n',
'LOGIN_REQUIRED' : '-ERR Not yet logged in.\r\n',
}
SMTPServer.py 0100755 0000764 0001001 00000124707 07470660334 013724 0 ustar Administrator None #! /usr/bin/python
#
# SMTPServer.py 0.9
#
# Copyright (C) 2001,2002 Gerson Kurz (not@p-nand-q.com)
# BSD-Licensed. This is free software, enjoy!
"""SHICKS! SMTP Server for Python
This server implements a RFC 821 compliant SMTP server with a MySQL-based
mailbox storage. The RFC can be found online at
http://www.ietf.org/rfc/rfc821.txt
The comments for the commands below are taken from that document. The
database format is discussed in README.HTM. This module is designed to
be reusable in other python projects.
"""
import sys, socket, SocketServer, traceback, cStringIO, time, hmac
import smtplib, binascii, os, ShicksTrace, fnmatch, base64, thread, rotor
import mxlookup
from SMTPStatusMessages import status_msgs
from SMTPUtilities import *
from ShicksConfig import GetConfigSettings
from ShicksSpamCheck import * # spamcheck handling
import ShicksUser # user management
import ShicksMessageList # message list handling
CURRENT_VERSION = "0.9"
# If this flag is set, SMTP-AUTH must be used
REQUIRE_SMTP_AUTH = int(GetConfigSettings("RequireSmtpAuth","0"))
# If this flag is set, mails to @local-domain will be forwarded to the administrative account
CATCH_ALL = int(GetConfigSettings("CatchAll","0"))
# This is the relay SMTP server used for mail sent to remote recipients
RELAY_SMTP_SERVER_NAME = GetConfigSettings("SmtpRelayServer","")
USE_RELAY_SMTP_SERVER = int(GetConfigSettings("UseRelaySmtpServer","0"))
default_storage = "/usr/share/shicks/mail"
if os.name == "nt":
default_storage = "c:\\shicks\\mail"
LOCAL_STORAGE = GetConfigSettings("LocalStorage",default_storage)
ALLOW_UNKNOWN_RECEIVER_DEFAULT = int(GetConfigSettings("AllowUnknownReceiverDefault","1"))
ALLOW_UNKNOWN_SENDER_DEFAULT = int(GetConfigSettings("AllowUnknownReceiverDefault","1"))
ADMIN_ACCOUNT = GetConfigSettings("AdminAccount","")
# mails that use this domain
DEFAULT_LOCAL_DOMAIN = GetConfigSettings("LocalDomain","")
# will be forwarded to this account
UNKNOWN_ACCOUNT = GetConfigSettings("UnknownLocalAccount","")
# Strict test for relaying. If enabled (by default), either the sender or ALL receivers must
# have a known local address. If disabled, either the sender or ONE OF the receivers must be a
# known local address
STRICT_RELAY_TEST = int(GetConfigSettings("StrictRelayTest","1"))
IP_ADDRESS_RANGE = decodeAddressRangeString(GetConfigSettings("LocalIpRange",""))
DENY_HOSTS_LIST = decodeAddressRangeString(GetConfigSettings("DenyHostsList",""))
BLACKLIST_DOMAINS = decodeAddressRangeString(GetConfigSettings("BlacklistDomains",";".join(BLACKLIST_DOMAINS)))
BLACKLIST_IGNORE = decodeAddressRangeString(GetConfigSettings("BlacklistIgnore",";".join(BLACKLIST_IGNORE)))
try:
os.makedirs(LOCAL_STORAGE)
except:
pass
UNIQUE_ID_COUNTER = 1L
class SMTPServer(SocketServer.ThreadingMixIn, SocketServer.TCPServer):
allow_reuse_address = 1 # Seems to make sense in testing environment
def server_bind(self):
"""Override server_bind to store the server name."""
SocketServer.TCPServer.server_bind(self)
host, port = self.socket.getsockname()
self.server_name = socket.getfqdn(host)
self.server_port = port
class SMTPRequestHandler(SocketServer.StreamRequestHandler):
def SendResponse(self,msg,args=None):
# messages that indicate abuse => stop communication ASAP
if msg in ('ERR_ACC_DENIED',
'ERR_ACC_DENIED_BY_BLACKLIST',
'ERR_ACC_DENIED_BY_RULE',
'ERR_ACC_DENIED_UNKNOWN_USER'):
self.terminated = 1
msg = self.status_messages[msg]
if args is not None:
msg = msg % args
print "WRITE:" + msg.rstrip()
self.wfile.write(msg)
self.wfile.flush()
def ResetMessage(self):
self.message = { 'FROM':None, 'TO':[], 'MSG':[] }
def handle(self):
# SMTP mailbox state variables
self.terminated = 0
self.receiving_data = 0
self.ResetMessage()
self.status_messages = status_msgs
# AUTH handling
self.AuthSecret = "%d.%d.%s@%s.%s" % (os.getpid(),thread.get_ident(),str(time.clock()),socket.gethostname(),str(id(self)))
self.AuthPending = None
self.AuthDone = 0
# supported commands: all required and optional commands as mentioned in said RFC
cmdmap = { 'HELO' : self.SendGreeting,
'QUIT' : self.CloseConnection,
'MAIL' : self.MailCommand,
'RCPT' : self.ReceiveTo,
'NOOP' : self.NoOperation,
'RSET' : self.ResetOperation,
'VRFY' : self.VerifyAddress,
'EXPN' : self.ExpandList,
'HELP' : self.HelpMessage,
'EHLO' : self.SendExtendedGreeting,
'AUTH' : self.Auth,
'DATA' : self.StartReceivingData }
print "BEGIN of SMTP conversation with " + str(self.client_address)
# determine if this is a local connection. if it is, then
# some restrictions are lowered.
ip_address = self.client_address[0]
self.sender_host = self.ip_address_string = str(ip_address)
self.is_local_connection = 0
global IP_ADDRESS_RANGE
if IP_ADDRESS_RANGE is not None:
if addressInRange(ip_address,IP_ADDRESS_RANGE):
self.is_local_connection = 1
print "Connection is local, skipping relay checks."
if not self.is_local_connection:
# check if this comes from a known spammer; if so, reject conversation
blacklist_host = checkRelayBlacklist(ip_address)
if blacklist_host is not None:
print "Host '%s' is blacklisted by %s, denying access" % (ip_address, blacklist_host)
return self.SendResponse('ERR_ACC_DENIED_BY_BLACKLIST',(ip_address, blacklist_host))
# check if this mail is on the local deny list
if addressInRange(ip_address, DENY_HOSTS_LIST):
print "Host '%s' is on the local deny-hosts-list, denying access" % (ip_address)
return self.SendResponse('ERR_ACC_DENIED_BY_RULE', (ip_address))
self.SendResponse("OK_WELCOME",(CURRENT_VERSION))
elcount = 0
while not self.terminated:
self.inputline = self.rfile.readline()
line = self.inputline.strip()
if self.receiving_data:
if self.inputline == '.\r\n':
self.SendMessage()
else:
self.message['MSG'].append(self.inputline)
continue
elif line == '':
print "Got empty line %d" % elcount
elcount += 1
if elcount == 10:
break
continue
elcount = 0
print "READ:" + line.strip()
if self.AuthPending:
self.AuthResponse(line)
continue
request = splitMailHeader(line)
# smtp is case-insensitive
request[0] = request[0].upper()
if cmdmap.has_key(request[0]):
cmdmap[request[0]](request)
else:
self.SendResponse('ERR_CMD_UNKNOWN',(request[0]))
print "END of SMTP conversation with " + str(self.client_address)
def VerifyAddress(self,request):
"""VERIFY (VRFY)
This command asks the receiver to confirm that the argument
identifies a user. If it is a user name, the full name of
the user (if known) and the fully specified mailbox are
returned.
This command has no effect on any of the reverse-path
buffer, the forward-path buffer, or the mail data buffer."""
address = request[1]
name = self.GetExpandedName(address)
if name:
self.SendResponse('OK_VERIFY',name)
else:
self.SendResponse('ERR_USR_UNKNOWN',name)
def ExpandList(self,request):
"""EXPAND (EXPN)
This command asks the receiver to confirm that the argument
identifies a mailing list, and if so, to return the
membership of that list. The full name of the users (if
known) and the fully specified mailboxes are returned in a
multiline reply.
This command has no effect on any of the reverse-path
buffer, the forward-path buffer, or the mail data buffer."""
# todo: add mailing list support
self.SendResponse('ERR_UNKNOWN_MBOX')
def HelpMessage(self,request):
"""HELP (HELP)
This command causes the receiver to send helpful information
to the sender of the HELP command. The command may take an
argument (e.g., any command name) and return more specific
information as a response.
This command has no effect on any of the reverse-path
buffer, the forward-path buffer, or the mail data buffer."""
self.SendResponse('OK_HELP')
def ResetOperation(self,request):
"""RESET (RSET)
This command specifies that the current mail transaction is
to be aborted. Any stored sender, recipients, and mail data
must be discarded, and all buffers and state tables cleared.
The receiver must send an OK reply."""
self.ResetMessage()
self.SendResponse('OK_RESET')
def SendGreeting(self,request):
"""HELLO (HELO)
This command is used to identify the sender-SMTP to the
receiver-SMTP. The argument field contains the host name of
the sender-SMTP.
The receiver-SMTP identifies itself to the sender-SMTP in
the connection greeting reply, and in the response to this
command.
This command and an OK reply to it confirm that both the
sender-SMTP and the receiver-SMTP are in the initial state,
that is, there is no transaction in progress and all state
tables and buffers are cleared."""
if len(request) > 1:
self.sender_host = request[1]
ip_address = getIpAddress(self.sender_host)
try:
ip_address = socket.gethostbyname(self.sender_host)
except:
return self.SendResponse('ERR_ACC_DENIED_INVALID_DOMAIN',(self.sender_host))
if ip_address <> self.ip_address_string:
# I'm not sure if that is a fatal condition or not, so I'll just warn here
print "Warning, host '%s' resolves to %s, but mail comes from %s." % (self.sender_host, ip_address, self.ip_address_string)
else:
# send access denied, because user *must* send domain
return self.SendResponse('ERR_ACC_DENIED_NO_DOMAIN')
self.SendResponse('OK_GREETING',(self.sender_host,self.ip_address_string))
def Auth(self,request):
# see http://www.cis.ohio-state.edu/cgi-bin/rfc/rfc2554.html for details
print "requested auth method=%s" % request[1]
if request[1] == 'CRAM-MD5':
# cram-md5: used e.g. by pythons' smtplib
self.AuthPending = request[1]
return self.SendResponse('OK_SEND_AUTH_REQUIRED',base64.encodestring(self.AuthSecret).strip())
if request[1] == 'LOGIN':
# used by mozilla
if len(request) == 3:
username = base64.decodestring(request[2])
user = ShicksUser.GetUserByName(username)
if not user:
print "ERROR, user '%s' is not known" % username
return self.SendResponse('ERR_AUTH_FAILED')
self.AuthPending = (request[1], user)
print "Have pending AUTH request for user '%s'" % username
return self.SendResponse('OK_SEND_AUTH_NEXT')
else:
# used by outlook/outlook express
self.AuthPending = ["OUTLOOK", None, None] # username not yet known
return self.SendResponse('OK_SEND_AUTH_REQUIRED',base64.encodestring("Username:").strip())
return self.SendResponse('ERR_AUTH_TYPE')
def IsValidAuthResponse(self, response):
# find name
x = response.rfind(" ")
if x < 0:
print "ERROR, didn't find user name in auth response"
return 0
# find associated password from db
username = response[:x]
user = ShicksUser.GetUserByName(username)
if not user:
print "ERROR, '%s' is not a valid username" % username
return 0
# create expected result
expected_response = username + " " + hmac.HMAC(user.getPassword(), self.AuthSecret).hexdigest()
if response != expected_response:
print "ERROR, didn't match expected response"
return 0
print "OK, auth successfull"
return 1
def AuthResponse(self,line):
response = base64.decodestring(line)
if self.AuthPending == 'CRAM-MD5':
if self.IsValidAuthResponse(response):
self.SendResponse('OK_AUTH')
self.AuthDone = 1
else:
self.SendResponse('ERR_AUTH_FAILED')
elif self.AuthPending[0] == 'OUTLOOK':
# if this the username ?
if self.AuthPending[1] is None:
username = response
user = ShicksUser.GetUserByName(username)
if not user:
print "ERROR, '%s' is not a valid username" % username
return self.SendResponse('ERR_AUTH_FAILED')
self.AuthPending = ["OUTLOOK", user]
return self.SendResponse('OK_SEND_AUTH_NEXT',base64.encodestring("Password:").strip())
else: # this is the password
if self.AuthPending[1].getPassword() == response:
self.SendResponse('OK_AUTH')
self.AuthDone = 1
print "OK, auth successfull"
else:
print "ERROR, invalid password"
self.SendResponse('ERR_AUTH_FAILED')
elif self.AuthPending[0] == 'LOGIN':
if self.AuthPending[1].getPassword() == response:
self.SendResponse('OK_AUTH')
self.AuthDone = 1
print "OK, auth successfull"
else:
print "ERROR, invalid password"
self.SendResponse('ERR_AUTH_FAILED')
self.AuthPending = None
def SendExtendedGreeting(self,request):
# See http://www.faqs.org/rfcs/rfc2821.html for details
if len(request) > 1:
print "sender is '%s'" % request[1]
self.sender_host = request[1]
ip_address = getIpAddress(self.sender_host)
try:
ip_address = socket.gethostbyname(self.sender_host)
except:
return self.SendResponse('ERR_ACC_DENIED_INVALID_DOMAIN',(self.sender_host))
if ip_address <> self.ip_address_string:
# I'm not sure if that is a fatal condition or not, so I'll just warn here
print "Warning, host '%s' resolves to %s, but mail comes from %s." % (self.sender_host, ip_address, self.ip_address_string)
else:
# send access denied, because user *must* send domain
return self.SendResponse('ERR_ACC_DENIED_NO_DOMAIN')
self.SendResponse('OK_EHLO',(CURRENT_VERSION))
def CloseConnection(self,request):
"""QUIT (QUIT)
This command specifies that the receiver must send an OK
reply, and then close the transmission channel.
The receiver should not close the transmission channel until
it receives and replies to a QUIT command (even if there was
an error). The sender should not close the transmission
channel until it send a QUIT command and receives the reply
(even if there was an error response to a previous command).
If the connection is closed prematurely the receiver should
act as if a RSET command had been received (canceling any
pending transaction, but not undoing any previously
completed transaction), the sender should act as if the
command or transaction in progress had received a temporary
error (4xx)."""
self.SendResponse("OK_QUIT")
self.terminated = 1
def NoOperation(self,request):
"""NOOP (NOOP)
This command does not affect any parameters or previously
entered commands. It specifies no action other than that
the receiver send an OK reply.
This command has no effect on any of the reverse-path
buffer, the forward-path buffer, or the mail data buffer."""
self.SendResponse('OK_NOOP')
def MailCommand(self,request):
"""MAIL (MAIL)
MAIL FROM: [OPTIONS]
This command is used to initiate a mail transaction in which
the mail data is delivered to one or more mailboxes. The
argument field contains a reverse-path.
The reverse-path consists of an optional list of hosts and
the sender mailbox. When the list of hosts is present, it
is a "reverse" source route and indicates that the mail was
relayed through each host on the list (the first host in the
list was the most recent relay). This list is used as a
source route to return non-delivery notices to the sender.
As each relay host adds itself to the beginning of the list,
it must use its name as known in the IPCE to which it is
relaying the mail rather than the IPCE from which the mail
came (if they are different). In some types of error
reporting messages (for example, undeliverable mail
notifications) the reverse-path may be null (see Example 7).
This command clears the reverse-path buffer, the
forward-path buffer, and the mail data buffer; and inserts
the reverse-path information from this command into the
reverse-path buffer."""
if REQUIRE_SMTP_AUTH and not self.AuthDone:
print "ERROR, cannot send mail as long as AUTH not completed."
return self.SendResponse('ERR_AUTH_REQ')
if request[1].upper() != 'FROM:':
return self.SendResponse('ERR_MISS_FROM')
if not self.IsSenderAllowed(request[2]):
return self.SendResponse('ERR_ACC_DENIED_UNKNOWN_USER',request[2])
self.message["FROM"] = request[2]
self.SendResponse('OK_FROM_ACCPT')
def ReceiveTo(self,request):
"""RECIPIENT (RCPT)
This command is used to identify an individual recipient of
the mail data; multiple recipients are specified by multiple
use of this command.
The forward-path consists of an optional list of hosts and a
required destination mailbox. When the list of hosts is
present, it is a source route and indicates that the mail
must be relayed to the next host on the list. If the
receiver-SMTP does not implement the relay function it may
user the same reply it would for an unknown local user
(550).
When mail is relayed, the relay host must remove itself from
the beginning forward-path and put itself at the beginning
of the reverse-path. When mail reaches its ultimate
destination (the forward-path contains only a destination
mailbox), the receiver-SMTP inserts it into the destination
mailbox in accordance with its host mail conventions.
For example, mail received at relay host A with arguments
FROM:
TO:
will be relayed on to host B with arguments
FROM:
TO:.
This command causes its forward-path argument to be appended
to the forward-path buffer."""
if request[1].upper() != 'TO:':
return self.SendResponse('ERR_MISS_TO')
if not self.IsReceiverAllowed(request[2]):
return self.SendResponse('ERR_ACC_DENIED_UNKNOWN_USER',request[2])
self.message["TO"].append(request[2])
self.SendResponse('OK_TO_ACCPT')
def StartReceivingData(self,request):
"""DATA (DATA)
The receiver treats the lines following the command as mail
data from the sender. This command causes the mail data
from this command to be appended to the mail data buffer.
The mail data may contain any of the 128 ASCII character
codes.
The mail data is terminated by a line containing only a
period, that is the character sequence "." (see
Section 4.5.2 on Transparency). This is the end of mail
data indication.
The end of mail data indication requires that the receiver
must now process the stored mail transaction information.
This processing consumes the information in the reverse-path
buffer, the forward-path buffer, and the mail data buffer,
and on the completion of this command these buffers are
cleared. If the processing is successful the receiver must
send an OK reply. If the processing fails completely the
receiver must send a failure reply.
When the receiver-SMTP accepts a message either for relaying
or for final delivery it inserts at the beginning of the
mail data a time stamp line. The time stamp line indicates
the identity of the host that sent the message, and the
identity of the host that received the message (and is
inserting this time stamp), and the date and time the
message was received. Relayed messages will have multiple
time stamp lines.
When the receiver-SMTP makes the "final delivery" of a
message it inserts at the beginning of the mail data a
return path line. The return path line preserves the
information in the from the MAIL command.
Here, final delivery means the message leaves the SMTP
world. Normally, this would mean it has been delivered to
the destination user, but in some cases it may be further
processed and transmitted by another mail system.
It is possible for the mailbox in the return path be
different from the actual sender's mailbox, for example,
if error responses are to be delivered a special error
handling mailbox rather than the message senders.
The preceding two paragraphs imply that the final mail data
will begin with a return path line, followed by one or more
time stamp lines. These lines will be followed by the mail
data header and body [2]. See Example 8.
Special mention is needed of the response and further action
required when the processing following the end of mail data
indication is partially successful. This could arise if
after accepting several recipients and the mail data, the
receiver-SMTP finds that the mail data can be successfully
delivered to some of the recipients, but it cannot be to
others (for example, due to mailbox space allocation
problems). In such a situation, the response to the DATA
command must be an OK reply. But, the receiver-SMTP must
compose and send an "undeliverable mail" notification
message to the originator of the message. Either a single
notification which lists all of the recipients that failed
to get the message, or separate notification messages must
be sent for each failed recipient (see Example 7). All
undeliverable mail notification messages are sent using the
MAIL command (even if they result from processing a SEND,
SOML, or SAML command)."""
if not self.is_local_connection and not self.CanSendMessage():
self.terminated = 1
return self.SendResponse('ERR_ACC_DENIED')
self.receiving_data = 1
self.SendResponse('OK_TSFR_START')
def CreateUniqueMessageFilename(self):
global UNIQUE_ID_COUNTER, LOCAL_STORAGE
# create target directory name
directory = os.path.join(LOCAL_STORAGE,os.sep.join(map(str,time.localtime())[:3]))
# make sure directory exist
try:
os.makedirs(directory)
except:
pass
unique_filename = "%d.%s.%d" % (os.getpid(), str(time.clock()), UNIQUE_ID_COUNTER )
UNIQUE_ID_COUNTER += 1
return os.path.join(directory,unique_filename)
def RequiresSpamCheck(self):
# if the sender is a locally known address, ignore spam check
# so, if I send a message, it will never be checked for spam ;)
address = self.message['FROM']
if address[0] == '':
address = address[1:-1]
print "checking sender '%s'" % address
# if the receiver is a local user
user = ShicksUser.GetUserByAddress(address)
if user:
print "Don't check for spam, because '%s' is a known local address for user '%s'" % (address,user.getName())
return 0
# get the receiver name. if it is a local receiver that doesn't want to have
# spam checks, do so now
for receiver in self.message['TO']:
address = receiver
if address[0] == '':
address = address[1:-1]
print "checking receiver '%s'" % address
# if the receiver is a local user
user = ShicksUser.GetUserByAddress(address)
if user:
return user.getSpamCheck()
return 1
def RequiresPlaintextOnly(self):
# get the receiver name. if it is a local receiver that doesn't want to have
# spam checks, do so now
for receiver in self.message['TO']:
address = receiver
if address[0] == '':
address = address[1:-1]
# if the receiver is a local user
user = ShicksUser.GetUserByAddress(address)
if user:
return user.getPlaintextOnly()
return 0
def CreateCopyOfCurrentMessage(self):
# if required, check for incoming spam
if self.RequiresSpamCheck():
self.message["MSG"] = checkSpamMail(self.message["MSG"])
if self.RequiresPlaintextOnly():
self.message["MSG"] = plaintextOnly(self.message["MSG"])
self.message["MSG"].insert(0,"Received: from %s (%s) by Shicks! Version %s on %s at %s\r\n"\
% (self.sender_host, self.ip_address_string,
CURRENT_VERSION, socket.gethostname(), time.ctime()))
self.message["MSG"] = "".join(self.message["MSG"])
self.message["MSGLEN"] = len(self.message["MSG"])
unique_filename = self.CreateUniqueMessageFilename()
self.message["BODY"] = unique_filename
file = open(unique_filename,"wb")
file.write(self.message["MSG"])
file.close()
def StoreMessage(self,senderid,msgfilename,msglen,external):
msg = ShicksMessageList.CreateEmptyMessage()
msg.setUserId( senderid )
msg.setFilename( msgfilename )
msg.setMessageSize( msglen )
msg.setDeleted( external )
msg.setMessageType( external )
msg.saveChanges()
def SendMessage(self):
"Called when the message has been received completely. See comment for StartReceivingData()"
try:
self.CreateCopyOfCurrentMessage()
except:
traceback.print_exc()
self.receiving_data = 0
# check if the mail can be processed. This is true, if
# a) the sender is an internal address
# b) all receivers have an internal addres
can_process_message = 0
# step 1: test if this is a message from a local user, or from an outside user
sender = self.GetUserForAddress(self.message['FROM'])
sender_id = 0
if sender:
sender_id = sender.getId()
self.message["sender-id"] = sender_id
receivers = []
if not sender and self.is_local_connection:
sender = self.GetUserForAddress(ADMIN_ACCOUNT)
sender_id = sender.getId()
if sender:
# insert message to db
self.StoreMessage(sender_id,self.message["BODY"],self.message["MSGLEN"],1)
# it is, so process locally
for receiver in self.message['TO']:
recuser = self.GetUserForAddress(receiver)
if recuser:
# it is a local receiver, send immediately
self.SendCurrentMessageToLocalUser(recuser)
else:
# it is a remote receiver, forward to other SMTP host.
receivers.append(receiver[1:-1])
# finished; check if mails have to dispatched externally
if len(receivers):
# try sending externally. if not successfull, fail
self.SendCurrentMessageToRemoteUsers(sender_id,receivers)
# done!
else:
# it is a message from somebody outside
for receiver in self.message['TO']:
recuser = self.GetUserForAddress(receiver)
if recuser:
# it is a local receiver, send immediately
self.SendCurrentMessageToLocalUser(recuser)
else:
# it is a remote receiver, forward to other SMTP host.
receivers.append(receiver[1:-1])
if len(receivers):
print "Sorry, cannot dispatch to remote receivers '%s'" % str(receivers)
msgbody = "A message from %s could not be sent to %s.\r\n" % (self.message['FROM'],",".join(receivers))
msgbody += "The title of the message is '%s'." % self.GetCurrentSubject()
self.SendAdminMail(msgbody)
print "OK, sending OK"
self.SendResponse('OK_DATA_RECV')
# bugfix in 0.4 : reset messages
self.ResetMessage()
def CanSendMessage(self):
global STRICT_RELAY_TEST
# step 1: test if this is a message from a local user, or from an outside user
sender = self.GetUserForAddress(self.message['FROM'])
# if the sender is a local mailbox, the message can be sent
if sender:
return 1
# it is a message from somebody outside
can_process_message, remote_receivers = 1, 0
for receiver in self.message['TO']:
recuser = self.GetUserForAddress(receiver)
if STRICT_RELAY_TEST:
# if strict testing is enabled, ALL receivers must be local
if not recuser:
return 0
continue
elif recuser:
# if strict testing is disabled, at least one reciever must be local
return 1
remote_receivers = 1
if remote_receivers:
can_process_message = 0
assert( not STRICT_RELAY_TEST )
return can_process_message
def SendCurrentMessageToLocalUser(self,user):
userid = user.getId()
self.StoreMessage(userid,self.message["BODY"],self.message["MSGLEN"],0)
remote_receivers = []
# send to all forwarder entries
for forwardentry in user.getForwarders():
# handle recursive mail gracefully
if forwardentry[0] == userid:
print "Warning, do not forward message to self!"
# forward to internal user
elif forwardentry[0]:
self.StoreMessage(forwardentry[0],self.message["BODY"],self.message["MSGLEN"],0)
else:
remote_receivers.append(forwardentry[1])
if len(remote_receivers):
self.SendCurrentMessageToRemoteUsers(userid,remote_receivers)
return 1
def CanSendMessageUsingServer(self, senderid, fromaddr, addrlist, messagebody, servername):
print "trying to send message from %s to %s using server %s " % (fromaddr, ",".join(addrlist), servername)
try:
server = smtplib.SMTP(servername[1])
#server.set_debuglevel(1)
not_received = server.sendmail(fromaddr, addrlist, messagebody)
server.quit()
# Quote from the documentation: "If this method does not throw an exception, it returns a
# dictionary, with one entry for each recipient that was refused. Each entry contains a
# tuple of the SMTP error code and the accompanying error message sent by the server." EOQ
if not_received:
print "not_received=%s" % str(not_received)
addrlist = filter(lambda x, keys=not_received.keys(): x not in keys, addrlist)
else:
addrlist = []
except:
temp = cStringIO.StringIO()
traceback.print_exc(file=temp)
traceback.print_exc()
msg = temp.getvalue()
temp.close()
self.SendAdminMail("Exception caught while sending message titled\r\n\r\n'"+self.GetCurrentSubject()+\
"'\r\n\r\nto "+str(addrlist)+" using server '"+servername[1]+"'\r\n\r\n"+msg, senderid)
return addrlist
def SendMailToUser(self, senderid, fromaddr, toaddrlist, messagebody):
# first, for each target address, creates
address_domain_assoc = {}
for address in toaddrlist:
domain = domainOfAddress(address)
try:
address_domain_assoc[domain].append( address )
except:
address_domain_assoc[domain] = [address]
# now, send mail for all domains separately
for domain in address_domain_assoc.keys():
servers = mxlookup.MxRecordLookup(domain)
addrlist = address_domain_assoc[domain]
print "Domain '%s' has MX record %s" % (domain, str(servers))
if servers is not None:
if RELAY_SMTP_SERVER_NAME:
servers.append( (0, RELAY_SMTP_SERVER_NAME) ) # as a last resort
for server in servers:
addrlist = self.CanSendMessageUsingServer(senderid, fromaddr, addrlist, messagebody, server)
print "addrlist is now %s" % str(addrlist)
if not len(addrlist): break
# this message is not needed, because CanSendMessageUsingServer() will normally already report error messages.
if addrlist and not servers:
self.SendAdminMail("Unable to send message with subject\r\n\r\n'"+self.GetCurrentSubject()+\
"'\r\n\r\nto "+str(addrlist)+"\r\n", senderid)
else:
self.SendAdminMail("Unable to send message with subject\r\n\r\n'"+self.GetCurrentSubject()+\
"'\r\n\r\nbecause unable to lookup MX record for domain '"+domain+"'\r\n", senderid)
def SendCurrentMessageToRemoteUsers(self,senderid,receivers):
try:
global RELAY_SMTP_SERVER_NAME, USE_RELAY_SMTP_SERVER
if not RELAY_SMTP_SERVER_NAME and USE_RELAY_SMTP_SERVER:
print "Sorry, no relay server configured."
self.SendAdminMail("Sorry, no relay server configured. This means that the mail has not been forwarded to these addresses: %s" % ",".join(receivers), self.message["sender-id"])
return
print "sending message to remote users '%s'" % str(receivers)
self.SendMailToUser(senderid, self.message["FROM"][1:-1], receivers, self.message['MSG'])
except:
temp = cStringIO.StringIO()
traceback.print_exc(file=temp)
traceback.print_exc()
msg = temp.getvalue()
temp.close()
self.SendAdminMail("Exception caught while sending message titled\r\n\r\n'"+self.GetCurrentSubject()+\
"'\r\n\r\nto "+str(receivers)+"\r\nTraceback follows:\r\n"+msg, senderid)
def GetCurrentSubject(self):
messagebody = self.message['MSG']
if type(messagebody) == type([]):
for line in messagebody:
if line[:8].lower() == 'subject:':
return line[8:].strip()
else:
index = messagebody[:1000].lower().find("subject:")
if index >= 0:
line = messagebody[index+8:index+200]
index = line.find("\n")
if index >= 0:
line = line[:index]
line = line.strip()
return line
return ''
def SendAdminMail(self,msgbody,receiver_id=None):
global ADMIN_ACCOUNT
admin = ShicksUser.GetUserByAddress(ADMIN_ACCOUNT)
if not admin:
print "Warning, unable to send admin mail, because no postmaster is configured."
return None
if receiver_id is None:
receiver_id = admin.getId()
msg = "From: Shicks! Mail-Administrator\r\nTo: %s\r\n" % admin.getName()
msg += "Subject: Warning from Shicks! Mail-Administrator\r\nDate:%s\r\n" % time.asctime(time.localtime())
msg += "Importance: High\r\n"
msg += "\r\n"
msg += msgbody
unique_filename = self.CreateUniqueMessageFilename()
file = open(unique_filename,"wb")
file.write(msg)
file.close()
self.StoreMessage(receiver_id,unique_filename,len(msg),0)
return 1
def GetUserForAddress(self,address):
"Returns the user object for a given email address, or None if the address is unknown"
if address[0] == '':
address = address[1:-1]
user = ShicksUser.GetUserByAddress(address)
if user:
return user
# map unknown addresses only, if CATCH_ALL is enabled.
# it is disabled per default.
if (domainOfAddress(address).lower() == DEFAULT_LOCAL_DOMAIN.lower()):
if CATCH_ALL:
user = ShicksUser.GetUserByAddress(UNKNOWN_ACCOUNT)
if user:
print "Because of CATCH-ALL, %s is mapped to %s" % (address, UNKNOWN_ACCOUNT)
return user
def GetExpandedName(self,name):
if name[0] == '':
name = name[1:-1]
# step 1: look up address directly"
user = ShicksUser.GetUserByAddress(name)
if not user:
user = ShicksUser.GetUserByName(name)
if not user:
user = ShicksUser.GetUserByID(name)
if user:
return "" % name
def IsReceiverAllowed(self,address):
global ALLOW_UNKNOWN_RECEIVER_DEFAULT
if address[0] == '':
address = address[1:-1]
# New in Version 0.4: If the sender is a local address, it must
# come from a local IP, otherwise access is denied
if STRICT_RELAY_TEST and IP_ADDRESS_RANGE and not self.is_local_connection:
user = ShicksUser.GetUserByAddress(address)
if user:
print "Target address '%s' is local." % address
return 1
else:
fromstr = str(self.message["FROM"])
if fromstr not in ('','<>'):
print "Attempt to send message from '%s' to '%s' denied." % (fromstr, address)
self.SendAdminMail("""Warning, an attempt has been made to send a message
from '%s' to '%s'. The access has been denied.""" % (str(self.message["FROM"]), address))
return 0
if addressInRange( address, DENY_HOSTS_LIST ):
print "Address '%s' is on the deny-hosts list" % address
return 0
# if it is a local address, but unknown, and CATCH_ALL disabled, forbid sending
if not CATCH_ALL and (domainOfAddress(address).lower() == DEFAULT_LOCAL_DOMAIN.lower()):
user = ShicksUser.GetUserByAddress(address)
if user:
print "Target address '%s' is local." % address
else:
print "Because CATCH-ALL is disabled, %s is being denied access" % address
return 0
return 1
def IsSenderAllowed(self,address):
if address[0] == '':
address = address[1:-1]
# New in Version 0.4: If the sender is a local address, it must
# come from a local IP, otherwise access is denied
if STRICT_RELAY_TEST and IP_ADDRESS_RANGE and not self.is_local_connection:
user = ShicksUser.GetUserByAddress(address)
if user:
print "Error, sender '%s' has a local e-mail address, but comes from a remote IP '%s'" % (address, self.ip_address_string)
self.SendAdminMail("""Warning, an attempt has been made to send a message
from IP '%s' with the local e-mail address '%s'. The access has been denied.""" % (self.ip_address_string, address))
return 0
else:
print "Sender '%s' is not a known local address, so use of remote IP "\
"'%s' is possible." % (address, self.ip_address_string)
if addressInRange( address, DENY_HOSTS_LIST ):
print "Address '%s' is on the deny-hosts list" % address
return 0
return 1
def StartSMTPServer():
server = SMTPServer(('', 25), SMTPRequestHandler)
print "SMTP server starting - Version %s on %s" % (CURRENT_VERSION,socket.gethostname())
server.serve_forever()
print "SMTP server returned"
if __name__ == '__main__':
# read configuration
TRACE_DIRECTORY = GetConfigSettings("Logfiles",(os.name == "nt") and "c:\\shicks\\log" or "/usr/share/shicks/log")
try:
os.makedirs(TRACE_DIRECTORY)
except:
pass
ShicksTrace.TraceFileName = os.path.join(TRACE_DIRECTORY,"SMTPServer.log")
ShicksTrace.Enable()
StartSMTPServer()
SMTPStatusMessages.py 0100755 0000764 0001001 00000005256 07470657762 015441 0 ustar Administrator None #! /usr/bin/python
#
# SMTPStatusMessages.py 0.9
#
# Copyright (C) 2001,2002 Gerson Kurz (not@p-nand-q.com)
# BSD-Licensed. This is free software, enjoy!
# messages that can be sent during SMTP communication.
status_msgs = {
'OK_HELP' : '214 Help not available. RTFM!\r\n',
'OK_WELCOME' : '220 Shicks! SMTP Service %s ready\r\n',
'OK_QUIT' : '221 Closing transmission channel\r\n',
'OK_NOOP' : '250 OK\r\n',
'OK_GREETING' : '250 Hello %s [%s], pleased to meet you\r\n',
'OK_FROM_ACCPT' : '250 Sender has been accepted\r\n',
'OK_TO_ACCPT' : '250 Receiver has been accepted\r\n',
'OK_RESET' : '250 Session reset\r\n',
'OK_VERIFY' : '250 %s\r\n',
'OK_DATA_RECV' : '250 Data received\r\n',
'OK_TSFR_START' : '354 Start mail input; end with .\r\n',
'OK_AUTH' : '235 Authentication successful\r\n',
'OK_SEND_AUTH_NEXT' : '334 %s\r\n',
'OK_SEND_AUTH_COMPLETED' : '334 OK\r\n',
'OK_EHLO' : '250-Shicks! SMTP Service %s ready\r\n250-AUTH=LOGIN CRAM-MD5\r\n250-AUTH LOGIN CRAM-MD5\r\n250-SIZE\r\n250-VRFY\r\n250 HELP\r\n',
'ERR_CMD_UNKNOWN' : '500 "%s" Syntax error, command unrecognized\r\n',
'ERR_DOMAIN_REQ' : '501 HELO requires domain address\r\n',
'ERR_MISS_FROM' : '501 MAIL command without "FROM:"\r\n',
'ERR_MISS_TO' : '501 RCPT command without "TO:"\r\n',
'ERR_USR_UNKNOWN' : '550 No user called "%s" known\r\n',
'ERR_ACC_DENIED' : '551 Access denied - relaying attempt blocked\r\n',
'ERR_ACC_DENIED_BY_BLACKLIST' : '551 Access denied - %s is blacklisted by %s\r\n',
'ERR_ACC_DENIED_BY_RULE' : '551 Access denied - host %s is on the local deny-hosts-list\r\n',
'ERR_ACC_DENIED_UNKNOWN_USER' : '551 Access denied - %s is not a known user\r\n',
'ERR_ACC_DENIED_NO_DOMAIN' : '551 Access denied - you must give a domain name\r\n',
'ERR_ACC_DENIED_INVALID_DOMAIN' : '551 Access denied - domain "%s" does not resolve\r\n',
'ERR_AUTH_REQ' : '530 Authentication required\r\n',
'ERR_AUTH_TYPE' : '504 Unrecognized authentication type\r\n',
'ERR_AUTH_FAILED' : '535 Authentication failure\r\n',
'ERR_UNKNOWN_MBOX' : '550 Requested action not taken: mailbox unknown\r\n',
}
SMTPUtilities.py 0100755 0000764 0001001 00000005401 07470460655 014422 0 ustar Administrator None #! /usr/bin/python
#
# SMTPUtilities.py 0.9
#
# Copyright (C) 2001,2002 Gerson Kurz (not@p-nand-q.com)
# BSD-Licensed. This is free software, enjoy!
import ShicksSpamTokens
def domainOfAddress(address):
x = address.find('@')
if x >= 0:
return address[x+1:]
return ""
def splitMailHeader(s):
result = []
startindex = -1
index = 0
while index < len(s):
c = s[index]
if c == ' ':
# ok, split
if startindex != -1:
result.append(s[startindex:index])
startindex = -1
elif c == ':':
# ok, split
if startindex != -1:
result.append(s[startindex:index+1])
startindex = -1
# ok, split *including* this character
elif startindex == -1:
startindex = index
index += 1
if startindex != -1:
result.append(s[startindex:])
return result
def isSpamSubjectLine(subject):
subject = subject.lower()
reload(ShicksSpamTokens)
weight = float(reduce(lambda x,y:x+y,map(ord,subject)))/len(subject)
if weight > 128:
print "Weight %.2f indicates spam mail." % weight
return 1
for token_tuple in ShicksSpamTokens.subject_tokens:
found = 0
for token in token_tuple:
if subject.find(token) >= 0:
found += 1
if found == len(token_tuple):
print "Tokens '%s' indicate spam mail." % str(token_tuple).strip()
return 1
tokens = subject.split()
try:
isdigit = int(tokens[-1])
except:
isdigit = 0
if isdigit:
print "Integer as last token indicates spam mail."
return 1
return 0
def checkSpamMail(lines):
index = -1
for line in lines:
index += 1
if line.strip() == "": break
s = line.find(':')
if s < 0: continue
tokens = (line[:s],line[s:])
keyword = tokens[0].lower()
if keyword == 'subject':
if isSpamSubjectLine(tokens[1]):
print "SPAM SUBJECT: "+tokens[1].strip()
new_subject_line = line[:9] + "[SPAM] " + line[9:]
lines[index] = new_subject_line
else:
print "NOT SPAM SUBJECT: "+ tokens[1].strip()
break
return lines
def plaintextOnly(lines):
for index in xrange(len(lines)):
line = lines[index]
lstart = line.lower()
for pattern in ("content-type: application/ms-tnef","content-type: text/html"):
if lstart[:len(pattern)].lower() == pattern:
lines[index] = "Content-Type: text/plain" + line[len(pattern):]
return lines
ShicksAdmin.py 0100755 0000764 0001001 00000133321 07470662223 014136 0 ustar Administrator None #!c:\usr\bin\python.exe
#
# ShicksAdmin.py 0.9
#
# Copyright (C) 2001 Gerson Kurz
#
# This program is free software; you can redistribute it and/or modify
# it under the terms of the GNU General Public License as published by
# the Free Software Foundation; either version 1, or (at your option)
# any later version.
#
# This program is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
# GNU General Public License for more details.
#
# You should have received a copy of the GNU General Public License
# along with this program; if not, write to the Free Software
# Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
#
import cgi, sys, os, string, time, traceback
import binascii, rotor, maildb, re, copy, smtplib
from ShicksConfig import GetConfigSettings
import ShicksUser # user management
print "Content-type: text/html\n"
print ''
print ''
print ''
print ''
print ''
class fehler:
def write(self,x):
print '',x,""
sys.stderr = fehler()
USE_ENCODED_URLS = 1
RELAY_SMTP_SERVER_NAME = GetConfigSettings("SmtpRelayServer","")
def MAP_ROOT_NAME(filename):
return filename
# if your cgi-bin access path to the mail files differs from the one in the database,
# you can edit this function. In the example below, the local linux name is mapped
# to a NT server share name.
if filename[:14] == "/usr/pergamon/":
filename = "\\\\darkstar\\alles\\pergamon\\" + filename[14:].replace("/","\\")
return filename
## ~~~~~~~~~~~~~~~~~~~~ Beginn der Datenbankroutinen ~~~~~~~~~~~~~~~~~~~~~~~~
def ConvertTextareaToHtml(t,stripleadingbrs=0):
t = t.split('\n')
for i in range(len(t)):
w = t[i]
if len(w):
if w[-1] == '\r':
t[i] = w[:-1]
if (i+1) < len(t):
t[i] = t[i]+''
if stripleadingbrs:
x = t[-1]
while len(x)>5 and (x[-4:] == ''):
x = x[:-4]
t = string.join(t,'')
while 1:
x = t.find('